[throwaway_391]

I don't fully understand why everyone gets upset over browser leaks when in private mode - most websites interested in tracking private sessions will just associate private and non-private sessions by IP address.

If you're paranoid enough to use a VPN for 'private' traffic, you should probably be running such sessions in a VM using something like the tails live CD.

[mirimir]

For sure.

But using Tails in VMs isn't recommended. Better is using Whonix, because it isolates the Tor client and userland in separate VMs. It also has a LiveCD mode. And for added security, you can run it in Qubes.

[throwaway_391]

Funny that you namedrop like three security products but fail to evaluate which hypervisor should be used, which is probably the most important part of a secure environment if unauthorized code execution fits in your threat model.

[mirimir]

Sorry. Whonix, by default for non-expert users, runs in VirtualBox. You can also use KVM. And Qubes basically uses Xen.

My threat model is mainly about preventing potential adversaries from learning my ISP-assigned IP address. I don't care all that much if a VM, or even a host machine, gets pwned. My stuff is well enough compartmentalized that I'd at most lose some work. But not my privacy.

[mmwelt]

Indeed. Private sessions do not make you untrackable, the only difference is nothing is saved from the session. But many people misunderstand what private/incognito mode does.